Primary

Context

SODOLA SL902-SWTGW124AS Default Credentials Vulnerability Allowing Administrative Access

Vulnerability

A default credentials vulnerability has been identified in the SODOLA SL902-SWTGW124AS firmware versions through 200.1.20. This vulnerability allows remote attackers to gain administrative access to the management interface by using hardcoded default credentials. The lack of password change enforcement enables full administrative control of the device.

Impact

Exploitation of this vulnerability allows for unauthorized administrative access to the device, enabling full control over its management interface and functions.

Remediation

Users can upgrade to the latest firmware version, which is available on the SODOLA website. Instructions for upgrading the firmware are included in the SODOLA Managed Switch Web Manual.

Added: Feb 27, 2026, 6:24 PM

Updated: Feb 27, 2026, 6:24 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SODOLA SL902-SWTGW124AS Default Credentials Vulnerability Allowing Administrative Access

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating